DETAILED ACTION
1.	This action is responsive to communications regarding the applicant’s amendments and arguments, filed on 03/18/2021.
2.	Claims 1-4 are pending 
Notice of Pre-AIA  or AIA  Status
3. 	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
Response to Arguments and Amendments
4.	Applicant’s arguments, see pages 1-2 on remarks, filed 03/18/2021, with respect to the rejection(s) of claim(s) 1-4 under 103 rejections have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Jon Oberheide (US 9774448).

				Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

5.	Claims 1-4 are rejected under 35 U.S.C 103 as being unpatentable over Hans Reisgies (US20120159612), in view of Samuel Bailey JR (US20110154497), Alon Mordechai Fliess (US 8578348), John Graham (US20080215474), and further in view of Jon Oberheide (US 9774448), hereinafter Oberheide.

Regarding claim 1:
	Reisgies discloses a system for generation, storage, administration and use of one or more digital secrets in association with a portable electronic device, the system comprising: - a highly secured memory in the portable electronic device, storing only one or more issuer keys card services module 420 will manage the storage, retrieval, and administrative issues associated with storing each of the passwords, keys, secrets, and other certifying credentials in secure element 120 or secure data store 115 (i.e. the secure transactional subsystem 150) (Reisgies, paragraph 47), and further  the secure data store 115 provides secured storage on the portable communication device 50. Various levels of security may be provided depending upon the nature of the data intended for storage in secure data store 115. For instance, secure data store 115 may simply be password-protected at the operating system level of device 50, and data in secure data stored 115 is preferably encrypted (Reisgies, paragraph 38). Examiner interprets that secure store 115 is equivalent with highly secured memory limitation in claim 1, and the data stored 115 is highly secured protect from the portable communication device 50.
	 One or more cryptography applets implemented in the portable electronic device outside of the highly secured memory  as shown in FIG. 2, each portable communication device 50 may contain one or more third party applications 200 (e.g. selected by the consumer) (Reisgies, paragraph 36), and  card service module SSL, in Open Wallet 100 (Fig 3). Application 200 is in the portable electronic device, but it outside banking app, and secure data store 115.
	The ThIM establishes and manages a highly trusted communication conduit between the highly secured memory, and at least one third party application wallet user interface 410 will manage the user input whereas card services module 420 will manage the storage, retrieval, and administrative issues associated with storing each of the passwords, keys, secrets, and other certifying credentials in secure element 120 or secure data store 115 (Reisgies, paragraph 47), examiner interprets that wallet user interface 410 is highly trusted intermediary module (ThIM), and further the user interface may be generated by wallet user interface 410 or a trusted third party application 200 supported by OpenWallet 100; which then validates the card issuer's compliance rules and facilitates a direct key exchange between the OpenWallet 100 (or Card Services Module 420) on the user's mobile device 50 (Reisgies, paragraph 50). The wallet user interface 410 manage trust secured communication conduit between secure data store 115, third party application 200, and also card service module SSL. 
The ThIM managing highly trusted communications between the trusted third party application and the highly secured memory in accordance with the acceptable interaction parameters OpenWallet 100 verifies the trusted status of any third party application 200 before that application is allowed access to the secure element 120 (or secure data store 115 and even preferably the metadata repository 125) on the portable communication device 50 to view, select and/or change secure data stored in the payment Subsystem 150. In one approach noted above, this verification may be accomplished by accessing a local authorization database of permitted or trusted applications (Reisgies, paragraph 54). 
	However, Reisgies fails to disclose a keystore implemented in the portable electronic device outside of the highly secure memory; a keystore implemented in the portable electronic device outside of the highly secured memory; one or more cryptography applets implemented in the portable electronic device outside of the highly secured memory; a highly trusted intermediary module (ThIM) implemented outside of the highly secured memory; wherein the ThIM polls the portable electronic device, the highly secured memory, the keystore, the one or more cryptography applets to determine a trust score, initialization cost, and transaction cost for each component in the portable electronic device, the ThIM providing a trusted third party application acceptable interaction parameters based on the trust score, the initialization cost, and the transaction cost; and wherein each of the one or more issuer keys comprises a cryptographic key provided for use by said at least one third party application.
	Bailey teaches a keystore implemented in the portable electronic device outside of the highly secure memory; a keystore implemented in the portable electronic device outside of the highly secured memory storage device 210 stores data and/or instructions corresponding to one or more sensor(s) 216 as well data and/or instructions corresponding to TM agent 10; TM agent 108 a communicates the risk variable to trust mediator 116, based on data reporting instructions received from trust mediator 116 (Bailey, paragraph 46); the one or more cryptography applets to editor 116 may permit a transaction having a risk of loss higher than the maximally permissible risk of loss, so long as the running average of the risk of loss does not exceed the maximally permissible risk of loss. In this way, an acceptable average risk of loss is maintained, while permitting the completion of transactions that may have otherwise been deemed too risky (Bailey, paragraph 12), and further  the security-related information is then funneled into one or more statistical models to compute risk score(s) corresponding to specific transactions and/or to specific protection mechanisms, and the like. Trust mediator 116 manages the dynamic risk policy by making specific security decisions, such as enabling a specific protection mechanism, based on these computed risk score(s) (Bailey, paragraph 91). 
Therefore, it would have been obvious to one ordinary skill in the art before the effective filing date of the invention was made to combine Reisgies and Bailey in order to detect changes in network security characteristics, and adapt based on these detected changes to maintain an acceptable level of security for existing and new network connections including merchants, customers, and partners for visiting and home networks (Bailey, paragraph 9). 
Fliess teaches determine initialization cost, and transaction cost for each component in the portable electronic device performing cost analysis calculations and storing the calculations in a data backend for persistence. The profiling process includes a cost calculation engine which calculates the cost of operation from one or more collected profiling events. It exposes various pricing models for different types of operations (i.e. cost profiles): (1) inbound traffic based on price per gigabyte; (2) transaction count based on price per transaction; and (3) storage size based on price per gigabyte (Fliess, column 34, [lines 5-14]). Therefore, it would have been obvious to one ordinary skill in the art before the effective filing date of the invention was made to combine Reisgies and Fliess in order to enable organizations to reduce costs of their software TCO. A development tool such as the cost oriented profiler (COP) mechanism can provide the guidance needed in the new era of cost oriented architecture (COA) and cost oriented programming
having the trusted third party calculate electronically the buyer's trust score and seller's trust score which is dependent upon the seller's trading history and the seller's financial standing for the purchase of the one or more intangible assets; contracting for a sale of the specified one or more intangible assets, which includes monies, amount of credit, amount of escrow and amount of bond to be deposited with the trusted third party that is dependent upon the buyer's trust and seller's trust score (Graham , paragraph 13).  
Therefore, it would have been obvious to one ordinary skill in the art before the effective filing date of the invention was made to combine Reisgies and Bailey in order to detect changes in network security characteristics, and adapt based on these detected changes to maintain an acceptable level of security for existing and new network connections including merchants, customers, and partners for visiting and home networks (Bailey, paragraph 9).
	Oberheide teaches wherein each of the one or more issuer keys comprises a cryptographic key provided for use by said at least one third party application the key management system 110 can be a sub-module within a parent application, and managing where and how cryptographic key are stored, and determine key retrieval access by user or application credentials, and allowing for the transmissions of keys to the parent app or to other apps (Oberhiede, column 3, [[lines 50-67]). Therefore, it would have been obvious to one ordinary skill in the art before the effective filing date of the invention was made to combine Reisgies and Oberhiede in order generating a security capability assessment on a first electronic device based on security capabilities of the device , selecting a key management mode based on the security capability assessment , generating a cryptographic key based on the key management mode , and storing the cryptographic key based on the key management mode.

	Regarding claims 2 and 4:
Claims 2 and 4 are rejected under the same reason set forth in rejection of claim 1.
	
Regarding claim 3:
If it is determined that the two or more users 122 are in relatively close proximity to each other, TM agent 108 a and/or trust mediator 116 can establish a trust between the corresponding two external terminals 102 by, for example, providing each external terminal 102 with a token, such as a key (Bailey, paragraph 108). Therefore, it would have been obvious to one ordinary skill in the art before the effective filing date of the invention was made to combine Reisgies and Bailey in order to detect changes in network security characteristics, and adapt based on these detected changes to maintain an acceptable level of security for existing and new network connections including merchants, customers, and partners for visiting and home networks (Bailey, paragraph 9).
  

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to THANH H LE whose telephone number is (571)272-8556.  The examiner can normally be reached on Monday-Friday 8:00a.m to 5p.m. EST.
 Nickerson Jeffrey L can be reached on (469) 295-9235.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either obtained from either Private PAIR or Public PAIR. Status information for unpublished application is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov . Should you have question on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automatic information system, call 800-786-9199 (In USA or CANADA) or 571-272-1000.
/THANH H LE/Examiner, Art Unit 2432                                                                                                                                                                                                        
/Kevin Bechtel/Primary Examiner, Art Unit 2491